1. Technical Field
The present invention relates to Internet access and, in particular, to content filtering. Still more particularly, the present invention provides a method, apparatus, and program for dynamic modification of Internet firewalls using variably-weighted text rules.
2. Description of Related Art
With the ubiquity of the Internet birthing new business models and ways of working, a variety of risks are also presented to organizations that seek to capitalize on the burgeoning e-business trend. Besides the obvious security risks of damaging or unwarranted software making its way into an organizational network, liabilities exist, particularly surrounding the download of indecent or questionable subject matter. In order to protect both its information infrastructure, as well as the professional standards expected in a workplace, companies and non-profits make frequent use of firewalls, the gateways imposed between the internal network and the outside world, i.e. the Internet.
Firewalls stand at an organization's electronic connection to the Internet and are routinely configured to allow or disallow access to sites and services based upon the nature of the services. Firewall configuration must be performed by an administrator based upon established company policies. These policies may reflect a limitation of services to e-mail, world wide web (WWW) access, and whatever else is deemed necessary to accomplish business objectives. However, given that document retrieval may include material deemed by management to be improper, human review is necessary to ensure that access complies with company policies. The content of the Internet is so dynamic that it is extremely difficult for administrators to keep up with the nature of-all registered domains.
Content filtering at the firewall requires human interaction. For example, an administrator may decide that a given Internet protocol (IP) address is serving inappropriate content and the administrator must then enter rules at the firewall which deny any further internal access to that site. An alternative to this approach may be conducted on the desktop using “fat-client” software that filters at the client machine. The latter approach is limited in scope and is seldom used in a corporate environment because of the demoralizing intrusion on the end user, as well as the logistical problems of code distribution among client machines.
Therefore, it would be advantageous to provide a solution to content filtering that does not require human intervention and manual review of content and does not impose restrictive and cumbersome desktop filtering best suited for home computers.